Checklist Accountability #808
Comments
|
Thanks for the issue. I like the idea of adding a name/date to each setting to viewers of the checklist know that a setting has been verified by an individual. Just to be sure we are only looking for a tag added to the string "Addressed by PowerStig MOF via ..." ? I will start working on this, Eric |
|
Here is the PR (#809) it allows for a new parameter to be passed to the checklist creation function [string] $Verifier, here is an example output from my lab, let me know what you think $DscResults = Test-DsCconfiguration -Detailed
$XccdfPath = 'C:\Users\eric\Desktop\Checklist\U_MS_Windows_10_STIG_V2R1_Manual-xccdf.xml'
$outputPath = "C:\Users\eric\Desktop\Checklist\checklist.ckl"
$verifier = "PowerSTIG User 12/17/2020"
New-StigCheckList -DscResult $DscResults -XccdfPath $XccdfPath -OutputPath $outputPath -Verifier $verifier -Verbose
Addressed by PowerStig MOF via [AccountPolicy][V-220742][medium][SRG-OS-000077-GPOS-00045]::[WindowsClient]baseline and verified by PowerSTIG User 12/17/2020 Eric |
|
Every accreditor has their own way of wanting things to be formatted. Some will want the operators information and timestamp of when the audit/scan occurred within Finding Details or Comment Section. I do believe the above output will go into the Comment section. |
|
Added the ability to append the output to include a verifier string. |
Part of the documentation and checklist creation process is for auditors and corresponding stakeholders are identify who conducted compliance check for a particular checklists.
Currently, PowerSTIG users are able to manual inject entries in the form of a XML file. But this injection feature is meant to take care of STIG items that are not automated by PowerSTIG. Can a feature be added within the checklist generation process where the user can add their name and date into the Finding Details section of the checks that are automated.
The text was updated successfully, but these errors were encountered: